package cn.tedu.property_management_system.security;

import cn.tedu.property_management_system.entity.User;
import cn.tedu.property_management_system.entity.VO.UserVO;
import cn.tedu.property_management_system.ex.ServiceException;
import cn.tedu.property_management_system.mapper.UserMapper;
import cn.tedu.property_management_system.utils.JsonResult;
import cn.tedu.property_management_system.utils.SecurityUtil;
import com.alibaba.fastjson.JSON;
import io.jsonwebtoken.*;
import lombok.extern.slf4j.Slf4j;
import lombok.var;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;

import static cn.tedu.property_management_system.utils.Constant.SECRET_KEY;
import static cn.tedu.property_management_system.utils.JsonResult.State.FORBIDDEN;

//@Component
@Slf4j
public class AccessFilter implements Filter {

    @Autowired
    UserMapper userMapper;

    private static final String NORMAL_USER_ROLE_ID="3";

    private boolean IsNormalUser(UserVO userVO){
        List<String> roleIds = userVO.getRoleIds();
        int roleIdsSize = roleIds.size();
        if (roleIdsSize==1&&roleIds.get(0).equals(NORMAL_USER_ROLE_ID)){
            return true;
        }
        return false;
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        var request=(HttpServletRequest)servletRequest;
        var response=(HttpServletResponse) servletResponse;
        String uri = request.getRequestURI();
        String concurrentUserName=null;
        try {
            //如果此时用户处于没有登录,即未携带jwt访问,则会在获取用户名时抛出异常,此时则放行进入用户名密码过滤器
            concurrentUserName = SecurityUtil.getConcurrentUserName();
        }catch (ServiceException e){
            filterChain.doFilter(request, response);
            return;
        }
        UserVO user = userMapper.findByUsername(concurrentUserName);
        if (user==null){
            filterChain.doFilter(request, response);
            return;
        }
        log.debug("用户请求路径为[{}]",uri);
        if (uri.contains("/admin")||IsNormalUser(user)){
            log.debug("住户用户尝试访问后台管理系统,拦截请求并重定向至主页");
            response.sendRedirect("http://localhost:8081/user");
            response.setHeader("Access-Control-Allow-Origin","*");
            return;
        }
        filterChain.doFilter(request, response);
    }
}
